Deploying the Macrobond application

Installation and packaging  

Macrobond application can be successfully installed either on single user machine or packaged and redistributed to all intended users with use Active Directory’s group policies or other deployment systems used by your organization. 

For single machine deployment, we recommend using installation program (also called Setup program).  

For packaging purposes, we provide two-part installation: 

  • MSI program to install base version, 
  • MSP to install the incremental update to newer version. 

Though we are providing both 32- and 64-bit versions of the application, we strongly suggest installing the 64-bit version on 64-bit Windows and 32-bit on 32-bit Windows. It will prevent combability issues with other programs. 

MSI+MSP scripts can be downloaded for local deployment from our installation page. 

Main installation requires installation rights. Elevated privileges are needed during installation process to register Microsoft Office add-ins and DLLs. Once installed, users can be allowed to safely upgrade the application without elevated privileges using a feature in Windows called UAC patching.    

All the above methods along with installation files are described in detail at: Installation.

Requirements

Minimum software requirements

Operating system 
  • Microsoft Windows 7 
  • Windows 7 SP1 
  • Windows 8 
  • Windows 10
Microsoft .NET Framework 
  • Version 4.5.2 or higher 
  • 4.6.2 or higher is recommended  
  • Starting with MB 1.25, we will require 4.6.2 or later and older versions will no longer be supported. 
Microsoft Office 
  • Office 2013 
  • Office 2016 
  • Office 2019 
  • 64-bit version of Office requires the 64-bit installation of Macrobond.  
  • The 64-bit version of Macrobond supports both 32 and 64-bit Office, 64-bit is recommended. 

Minimum hardware requirements

Screen resolution  1280x768 pixels or higher at 96 DPI. For higher DPI, the required resolution is correspondingly higher. 
Processor  1 GHz or faster. Dual core or more for 64-bit installations 

Connectivity and internet resources 

Server IP Protocol Description
app1.macrobondfinancial.com 79.136.101.36,
2001:9b0:1:2100::36
https Main application server
app2.macrobondfinancial.com 142.4.206.172, 2607:5300:203:3764:0:0:0:12  https Secondary application server
app3.macrobondfinancial.com 209.58.188.70, 2001:df1:801:a008:5:0:0:12 https Tertiary application server
macrobond.net, download.macrobond.com 79.136.101.40, 2001:9b0:1:2100::40 https Application update files in the MSI/MSP format.
help.macrobond.com 79.136.101.45, 2001:9b0:1:2100::45 https For help files, documentation.
www.macrobond.com, redir.macrobond.com, techinfo.macrobond.com   https For help files, documentation, latest news etc.
r.macrobond.com 79.136.101.43, 2001:9b0:1:2100::43 https For redirects from http to links that point to data in the Macrobond application.
cdn.publish.macrobond.net   https For the web-publish feature of the Macrobond application.
*.vimeo.com,
*.vimeocdn.com,
*.akamaihd.net
  https For streaming video tutorials.
crl.globalsign.net   http  Server with certificate revocations list for the GlobalSign certificate authority. This server is contacted by Windows to verify the digital certificate of the installation.
api.twitter.com,
upload.twitter.com 
  https  This is needed only if you want to use the functionality to send charts to Twitter from within the application.
api.linkedin.com   https  This is needed only if you want to use the functionality to send charts to LinkedIn from within the application.

Disclaimer: While our DNS <> IP are fairly static, we cannot guarantee that they’ll never change. 

Directories

Directory Description
%PROGRAMFILES%\Macrobond Financial\Macrobond All the program files. Created and populated by the installation program. Only read access is required when running.
%WINDIR%\System32
%USERPROFILE%\AppData\Local\MacroBond Financial
The Microsoft C++ Runtime, is installed here by the installation program if they are not already installed. Only read access is required when running.
Application data that are not documents. The directory is created the first time the application is started.
%USERPROFILE%\My Documents\Macrobond Documents stored by the user in the My Computer location. The directory is created the first time it is needed by the application.
The name of the "My Documents" directory is dependent on the language of the Windows installation.
%TEMP% Application logs are saved here and may be useful for support to troubleshoot problems. Users will be asked to enable advanced application logging and provide us with result files that may include:

  • Abacus.Excel.log
  • Excel-AddIn.app.log
  • MacroBond.err.log

Registry settings  

In general settings can be either in HKLM or HKCU. HKCU has higher priority. 

Note! For HKLM when using the 64-bit installation the values must be written to both HKLM\Software\Macrobond Financial and HKLM\SOFTWARE\Wow6432Node\Macrobond Financial 

Security 

Installation files and Macrobond.exe are digitally signed and this can be used to verify the source and integrity of the downloaded files. 

Communication between client PCs and Macrobond’s backend is carried by default over HTTPS using standard Windows API. If the SSL certificate seen by the application is expired or invalid – application will not connect to the Macrobond’s backend. It is also possible to additionally activate a check on the client side of the certificate’s thumbprint in order to verify point-to-point encryption. This option is disabled by default. 

Macrobond passwords 

Macrobond Passwords are at least 13 characters long; they include letters, numbers and symbols. They are non-dictionary. There is no support for custom passwords policy. The user is asked to enter the password only during the first use of the Macrobond application. The credentials are encrypted symmetrically using Windows API and stored in the registry. 

Passwords are stored and transmitted in an encrypted form. Locking and unlocking an account are logged and archived. Successful and unsuccessful logon and logoff of all accounts are logged. 

Macrobond’s password should be treated more like a license key – user is asked about it only during the first application use, then the credentials are saved in symmetrically encrypted form in Windows' registry. There is no logout functionality as such. User will be always logged in unless they remove credentials. 

Additional information: How to change password?

IP address

It is possible to limit IP addresses range from which given Macrobond account can be used. It is also possible to limit from how many PCs given Macrobond account can be used – it is set by default to two, if needed – can be set to one.

Login attempts from another Windows profiles or different PCs will not be possible, you will need to contact Macrobond’s support to ‘reset’ the account to allow login from a different computer. 

Storing files  

Macrobond files can be stored on 4 types of accounts: 

  • Personal account- only given user has access to the files, including write rights. 
  • Department account- only members of given department have access to the files, including write rights. Information on membership in department is included in client’s account and is set by Account manager or Support team member. 
  • Company account- all users from your organization have access to the files, including write rights. 
  • Library account- only specified users with Library role set in their account can add and modify files, all users within organization can see them. Information on Library role and is set by Account manager or Support team member. 

All of the above files are stored on our servers. 

We also allow users store their own data on Macrobond servers. This includes: 

  • Macrobond documents 
  • Chart view sizes 
  • Fill ranges 
  • In-house series 
  • Style sheets 
  • Presentations 
  • User defined formulas 
  • Bookmarks, favorite series & data-tree branches 
  • Application configurations 

If your company policy does not allow storing data externally, files can be stored locally on the user’s computer or on a locally reachable network location. 

Similarly, a user’s in-house time series can be saved under the Company account or kept in local Excel files, when the Excel in-house feature is used. 

If needed, Macrobond can centrally disable the possibility of storing any in-house series or Macrobond Documents on Macrobond servers. Then users need to use their own file servers for storing Macrobond documents and Excel in-house, as an alternative to Account in-house. 

Backup/recovering files 

Macrobond backend servers are fully backed up every 24h, we also use continuous transaction archiving so in case of a disaster we can recover the data with point-in-time precision.  We keep online 1 month worth of transaction backups, 1 month worth of daily full backups, over 30 weeks worth of weekly backups are kept offline.  

Client’s data stored on servers in Canada, Hong Kong, Sweden and Poland are kept in an encrypted form (we use full disk encryption mechanism called LUKS). Backups of all the data are stored in an encrypted form.